Archive for month: March, 2017

When you use iCloud to sync your Apple gadgets, your non-public knowledge could also be liable to getting uncovered or deleted by April seventh.

It has been discovered mischievous group of hackers claiming to have entry to over 300 million iCloud accounts is threatening Apple to remotely wipe knowledge from these thousands and thousands of Apple gadgets until Apple pays it $75,000 in crypto-currency or $100,000 price of iTunes present playing cards.

The hacking group, who recognized themselves as ‘Turkish Crime Household,’ has demanded a ransom to be paid in Bitcoin or Ethereum, one other in style crypto-currency.

Motherboard broke this story on Tuesday after a hacker claiming to signify the alleged hacking group shared screenshots of alleged emails between the group and Apple’s safety workforce with the publication.

“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” the hacker instructed Motherboard.

The screenshots of e mail change point out that when Apple safety workforce requested for a pattern checklist of hacked account to confirm the claims, the group solely offered a YouTube video demonstrating entry to one of many allegedly hacked accounts and remotely wiping all content material from the system.

Nonetheless, the story appears inconsistent, as on its Twitter account, the group claims to have entry to 200 million iCloud accounts, whereas in one of many emails, it says to entry 300 million Apple e mail accounts and in one other, the quantity will get nearly double to 559 million.

At the moment, it is vitally tough for even Apple to confirm the claims. Nonetheless, the corporate has warned the group saying that it doesn’t reward cyber criminals for breaking the legislation and asking them to take away the video because it was “searching for undesirable consideration.”

The hacking group has given Apple a deadline till April 7 to pay up the ransom. Except its calls for are met, the group are going to begin remotely wiping sufferer’s Apple gadgets and reset iCloud accounts.

I remember the days when windows used to be plagued with the lovely blue screen of death. It used to be a regular occurrence especially if you installed a third party driver or hardware that windows wasn’t particularly fond of. I have since switched to MacOS and have never experience such events ever again.

Now I mostly use mobile devices such as an iPad and iPhone to complete 90% of my work. And I must say I spend most time on these types of devices. I use both of the devices for both work and play. Which brings me to what had happened few days ago. I was on FaceTime and my iPhone 6S Plus running 10.2 locked up with the following green like screen:

Nothing was responsive and I had to perform a hard reboot (home+power). The phone did go back to normal. I did some googling and I can’t figure out what this is? If anyone has any ideas feel free to drop me a line.

When you are releasing an Android application you are faced with deciding of putting a versionCode and versionName. Both are usually found in your manifest. However, I have started to input them in my Gradle and more developers have started to do the same. But what the heck is the difference between the two.

Android:versionCode – An internal version number. Not visible to users.

Android:versionName – The version name shown to users.

My releases usually look as follows:

versionCode – 1 versionName – 1.0

Lets pretend I have just updated my app to the next version, it would look as follows:

Since iOS 9 Info.plist has become a very important file especially during the app submission process. I think almost every developer has had a rejection notice by now due to a missing element in the info.plist directive. When iOS 10 was released Info.plist has become the most important file. I’ve had builds simply disappear from the iTunes.connect dashboard simply because I was lacking a key-string that was required to be part of Info.plist.

The most common key-strings that I have missed are:

<string>This app requires access to the photo library.</string> <key>NSMicrophoneUsageDescription</key> <string>This app does not require access to the microphone.</string> <key>NSCameraUsageDescription</key> <string>This app requires access to the camera.</string>

Here is a full list:

Apple Music:

<key>NSAppleMusicUsageDescription</key> <string>My description about why I need this capability</string> Bluetooth:

<key>NSBluetoothPeripheralUsageDescription</key> <string>My description about why I need this capability</string> Calendar:

<key>NSCalendarsUsageDescription</key> <string>My description about why I need this capability</string> Camera:

<key>NSCameraUsageDescription</key> <string>My description about why I need this capability</string> Contacts:

Apple has all the earmarks of being wanting to drop bolster for 32-bit applications in a forthcoming form of iOS. The ready exchange displayed when propelling a 32-bit application on iOS 10.3 beta 1 now cautions clients that the application should be refreshed to keep taking a shot at future variants of iOS. This proposes iOS 11 expected in the not so distant future could be the principal adaptation to just support 64-bit applications.

Apple has upheld 64-bit applications on iOS since the dispatch of the iPhone 5s in September 2013. Apple has additionally required designers submit new applications with 64-bit bolster since February 2015 and application refreshes since June 2015.

While legacy 32-bit applications still in the App Store have kept on being upheld, iOS 9 incorporated a ready when first propelling 32-bit applications that told clients the legacy application may back off gadget execution.

Apple has changed the ready exchange on iOS 10.3 beta 1 to caution that support will be expelled in future iOS forms.

If you have a 32-bit application here is some of the messages your application might trigger.

From iOS 10.2.1:

“YOUR APP NAME” May Slow Down Your iPad

The developer of this app needs to update it to improve its compatibility.

And iOS 10.3 beta 1:

“YOUR APP NAME” Needs to Be Updated

This app will not work with future versions of iOS. The developer of this app needs to update it to improve its compatibility.

For applications that are still in the App Store, the ready exchange ought to put weight on application proprietors to get with the circumstances or face applications being expelled from the App Store.

Back in September, Apple point by point arrangements to start cleansing “problematic and abandoned apps” from the App Store in one of the principal moves to concentrate on application quality over list amount. The next month, Apple was said to have expelled about 50,000 applications from the App Store.

On February 18, 2017 Tavis Ormandy, a research analyst with Google’s Project Zero, revealed delicate information spilling from sites utilizing Cloudflare’s proxy services, which are utilized for their content delivery network (CDN) and distributed denial-of-service (DDoS) mitigation services. Cloudflare gives an assortment of services to a ton of sites – to at least couple of million. Tavis informed Cloudflare promptly. A couple includes in Cloudflare’s intermediary services had been utilizing an imperfect HTML parser that spilled uninitialized memory from Cloudflare’s edge servers in some of their HTTP reactions. Helpless components in Cloudflare’s services were handicapped inside hours of accepting Tavis’ divulgence, and their services were completely fixed with every defenseless element completely re-empowered inside three days. Cloudflare has a point by point review about Cloudbleed’s basic issue and their reaction to it – Click here.

Should I be worried?

Not if you are hosted with Primary Technologies. We have NEVER endorsed third party CDN providers such as Cloudflare. If you are or been hosted elsewhere than your data may have been spilled. Any merchant’s site utilizing Cloudflare’s intermediary service could have uncovered your passwords, session treats, keys, tokens, and other touchy information. In the event that your association utilized this Cloudflare intermediary benefit between September 22, 2016 and February 18, 2017, your information and your clients’ information could have been spilled and stored via web crawlers.

Who is affected?

Prior to Tavis’ divulgence, information had been spilling for quite a long time. It’s too early to know the full extent of the information that was spilled and the locales and services that were influenced (in spite of the fact that we’re headed toward a nice begin). There is right now a decent lot of perplexity and misalignment on the status of different services.